I am trying to set up my LDAP server to allow anonymous use on port 389,
but require that all requests from port 636 be authenticated. The
following is the rule I set up (and the only rule, for debugging purposes) to
do this. While it still provides me read access anonymously on 389,
on 636, when binding as a valid user, I don't get anything returned. If
I bind as Manager on port 636, I do get everything. And if I remove the
"sockurl" rule, I can bind on port 636 normally. Thoughts?
Suggestions? Oh, if it matters, I am using OpenLDAP 2.1.22.

access to *
    by * read
    by sockurl="^ldaps:///$" auth
    by dn="cn=Manager,o=MUSC,c=US" write